PT-2024-6242 · Microsoft · Windows Kernel-Mode Driver +1

Name of the Vulnerable Software and Affected Versions: Windows Kernel-Mode Driver affected versions not specified Description: The issue is related to the use of an uninitialized resource in the Windows Kernel-Mode Driver, which can be exploited to disclose protected information. This allows...

CVE-2024-43899

A NULL pointer dereference vulnerability was found in dcn20getdcccompressioncap function in the dcn20resource.c file in the AMD GPU driver in the Linux Kernel. This issue could allow an attacker to make the system hang when using the mpv media player with specific hardware acceleration options...

CVE-2024-43899

CVE-2024-43899 affects the Linux kernel’s DRM AMD display path. The vulnerability is a NULL pointer dereference in dcn20_resource.c that can cause a hang when MPV runs on a DCN401 dGPU, specifically during fullscreen playback after enabling fullscreen (double click). Affected component/function c...

The vulnerability of the secure kernel mode of Windows operating systems allows attackers to enhance their privileges.

The vulnerability of the Windows operating system’s safe mode is related to access control deficiencies. Exploiting this vulnerability can allow attackers to enhance their privileges...

The vulnerability of the secure kernel mode of Windows operating systems allows attackers to enhance their privileges.

The vulnerability of the Windows operating system’s safe mode is related to overflowing buffers in dynamic memory. Exploiting this vulnerability can allow an attacker to gain increased privileges...

CVE-2022-48914

In the Linux kernel, the following vulnerability has been resolved: xen/netfront: destroy queues before realnumtxqueues is zeroed xennetdestroyqueues relies on info-netdev-realnumtxqueues to delete queues. Since d7dac083414eb5bb99a6d2ed53dc2c1b405224e5 "net-sysfs: update the queue counts in the...

Intel® Ethernet Controllers and Adapters Advisory

Summary: Potential security vulnerabilities in some Intel® Ethernet Controllers and Adapters may allow escalation of privilege or denial of service. Intel is releasing firmware and software updates to mitigate these potential vulnerabilities. Vulnerability Details: CVEID: CVE-2024-21810...

CVE-2022-48870 tty: fix possible null-ptr-defer in spk_ttyio_release

In the Linux kernel, the following vulnerability has been resolved: tty: fix possible null-ptr-defer in spkttyiorelease Run the following tests on the qemu platform: syzkaller: modprobe speakupaudptr input: Speakup as /devices/virtual/input/input4 initialized device: /dev/synth, node MAJOR 10,...

Important: linux-firmware

Issue Overview: Improper validation in a model specific register MSR could allow a malicious program with ring0 access to modify SMM configuration while SMI lock is enabled, potentially leading to arbitrary code execution. CVE-2023-31315 Affected Packages: linux-firmware Note: This advisory is...

CVE-2024-42289 scsi: qla2xxx: During vport delete send async logout explicitly

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: During vport delete send async logout explicitly During vport delete, it is observed that during unload we hit a crash because of stale entries in outstanding command array. For all these stale I/O entries, ehabort...

CVE-2024-42270 netfilter: iptables: Fix null-ptr-deref in iptable_nat_table_init().

In the Linux kernel, the following vulnerability has been resolved: netfilter: iptables: Fix null-ptr-deref in iptablenattableinit. We had a report that iptables-restore sometimes triggered null-ptr-deref at boot time. 0 The problem is that iptablenattableinit is exposed to user space before the...

CVE-2024-28947

Improper input validation in kernel mode driver for some IntelR Server Board S2600ST Family firmware before version 02.01.0017 may allow a privileged user to potentially enable escalation of privilege via local access...

CVE-2024-28947

Improper input validation in kernel mode driver for some IntelR Server Board S2600ST Family firmware before version 02.01.0017 may allow a privileged user to potentially enable escalation of privilege via local access...

Microsoft and Adobe Patch Tuesday, August 2024 Security Update Review

Microsoft’s August Patch Tuesday updates are out, and they address a range of vulnerabilities across multiple products. Let’s dive into the key updates and their implications. Microsoft Patch Tuesday for August 2024 Microsoft Patchs Tuesday, August 2024 edition addressed 102 vulnerabilities,...

Talos discovers Microsoft kernel mode driver vulnerabilities that could lead to SYSTEM privileges; Seven other critical issues disclosed

Microsoft disclosed six security vulnerabilities that are actively being exploited across its products as part of the companys regular Patch Tuesday security update. In all, Augusts monthly round of patches from Microsoft included 87 vulnerabilities, seven of which are considered critical. In...

CVE-2024-38187

Windows Kernel-Mode Driver Elevation of Privilege Vulnerability...

CVE-2024-38187

Windows Kernel-Mode Driver Elevation of Privilege Vulnerability...

CVE-2024-38186

Windows Kernel-Mode Driver Elevation of Privilege Vulnerability...

CVE-2024-38186

Windows Kernel-Mode Driver Elevation of Privilege Vulnerability...

CVE-2024-38184

Windows Kernel-Mode Driver Elevation of Privilege Vulnerability...